<?php session_start();?>
<?php require_once('Connections/database.php'); ?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") 
{
  if (PHP_VERSION < 6) {
    $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
  }

  $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

  switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;    
    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
  }
  return $theValue;
}
}

$editFormAction = $_SERVER['PHP_SELF'];
if (isset($_SERVER['QUERY_STRING'])) {
  $editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
}

if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "form")) {
  $insertSQL = sprintf("INSERT INTO sanpham (MaSanPham, TenSP, MoTa, Gia, MaDM, `New`, Hot, urlHinh, Xoa, NgayCapNhat) VALUES (%s, %s, %s, %s, %s, %s, %s, %s, %s, NOW())",
                       GetSQLValueString($_POST['MaSanPham'], "text"),
                       GetSQLValueString($_POST['TenSP'], "text"),
                       GetSQLValueString($_POST['MoTa'], "text"),
                       GetSQLValueString($_POST['Gia'], "int"),
                       GetSQLValueString($_POST['MaDM'], "int"),
                       GetSQLValueString(isset($_POST['New']) ? "true" : "", "defined","'Y'","'N'"),
                       GetSQLValueString(isset($_POST['Hot']) ? "true" : "", "defined","'Y'","'N'"),
                       GetSQLValueString($_POST['HinhAnh'], "text"),
					   0);

  mysql_select_db($database_database, $database);
  $Result1 = mysql_query($insertSQL, $database) or die(mysql_error());

  $insertGoTo = "SanPham.php";
  if (isset($_SERVER['QUERY_STRING'])) {
    $insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";
    $insertGoTo .= $_SERVER['QUERY_STRING'];
  }
  header(sprintf("Location: %s", $insertGoTo));
}

mysql_select_db($database_database, $database);
$query_DanhMuc = "SELECT * FROM danhmuc WHERE Xoa = False";
$DanhMuc = mysql_query($query_DanhMuc, $database) or die(mysql_error());
$row_DanhMuc = mysql_fetch_assoc($DanhMuc);
$totalRows_DanhMuc = mysql_num_rows($DanhMuc);

if(!isset($_SESSION['user']))
{
	header("Location: login.php");	
}
?>
<!DOCTYPE html>
<html>
<head>
    <title>Admin</title>
	<meta http-equiv="content-type" content="text/html; charset=utf-8" />
    <link href="Content/style.css" rel="stylesheet" type="text/css" />
    <link href="Content/jquery-ui-1.9.2.custom.css" rel="stylesheet" type="text/css" />
    <script src="Scripts/jquery-1.8.3.min.js" type="text/javascript"></script>
    <script src="Scripts/jquery-ui-1.9.2.custom.min.js" type="text/javascript"></script>
    <script src="Scripts/jquery.validate.min.js" type="text/javascript"></script>
    <script src="Scripts/ckeditor/ckeditor.js" type="text/javascript"></script>
<script src="uploadScript.js" type="text/javascript"></script>
    
<script type="text/javascript">
        $(document).ready(function () {
            $('.dropdown').hover(function () {
                $(this).find('.sub_navigation').toggle();
            });
        });

        function MenuClick(url) {
            window.location.href = url;
        }
    </script>
   <script type="text/javascript">
    $(document).ready(function () {
        $("#MenuSanPham").removeClass("dropdown").addClass("active");
		
		CKEDITOR.replace( 'MoTa' );
    });
</script>
</head>
<body>
    <div id="wrap">
        <div id="header">
            <img alt="dat nuoc viet logo" src="Content/Images/gift_logo_20.png" height="100px"/>
        </div>
        <div id="menu">
            <ul id="navigation">
                <li class="dropdown" id="MenuHome"><a href="index.php" class="menuitem">Trang chủ</a></li>
                <li class="dropdown" id="MenuDanhMuc"><a href="DanhMuc.php" class="menuitem">Danh mục</a>
                </li>
                <li class="dropdown" id="MenuSanPham"><a href="SanPham.php" class="menuitem">Sản phẩm</a>
                </li>
                <li class="dropdown" id="MenuCP" onclick="MenuClick('/Admin/AdminHome/ChangePassword');"><a href="/Admin/AdminHome/ChangePassword" class="menuitem">Thay đổi mật khẩu</a></li>
            </ul>
        </div>

        <div id="date">
            <div class="datecontrol">
                <a href="../index.php" target="_blank">Trang chủ</a>&nbsp;&nbsp;&nbsp;
                <a href="logout.php">Đăng xuất</a>
            </div>
            <div class="clear">&nbsp;</div>
        </div>
        <div id="content">
			<div class="contenttitle">
                <div class="titleplace">
                    <span>Thêm mới sản phẩm</span>&nbsp;&nbsp;&nbsp;
                </div>
                <div class="buttonplace">
            		<a href="SanPham.php">
                        <input type="button" value="Danh sách sản phẩm" />
                  </a>
                </div>
                <div class="clear">&nbsp;</div>
            </div>
            <div class="contentitem">
  				<form method="POST" action="<?php echo $editFormAction; ?>" name="form">       
                    <div class="atributelabel">Mã sản phẩm <span style="color:Red;">(*)</span>:</div>
                    <div class="atributeeditor"><input type="text" class="input250" name="MaSanPham" id="MaSanPham"/></div>
                    <div class="clear">&nbsp;</div>
                    
                    <div class="atributelabel">Tên sản phẩm <span style="color:Red;">(*)</span>:</div>
                    <div class="atributeeditor"><input type="text" class="input250" name="TenSP" id="TenSP" value=""/></div>
                    <div class="clear">&nbsp;</div>
                    
                    <div class="atributelabel">Giá: <span style="color:Red;">(*)</span>:</div>
                    <div class="atributeeditor"><input type="text" class="input250" name="Gia" id="Gia" value=""/></div>
                    <div class="clear">&nbsp;</div>
                    
                    <div class="atributelabel">Danh Mục: <span style="color:Red;">(*)</span>:</div>
                    <div class="atributeeditor">
   	  				    <select name="MaDM" id="MaDM" style="width:250px">
                        	<?php do { ?>
       	  				    <option value="<?php echo $row_DanhMuc["idDanhMuc"]; ?>"><?php echo $row_DanhMuc["TenDanhMuc"]; ?></option>
       	  				  <?php } while ($row_DanhMuc = mysql_fetch_assoc($DanhMuc)); ?>
                       </select>   
                    </div>
                    <div class="clear">&nbsp;</div>
                    
                    <div class="atributelabel">&nbsp;</div>
                    <div class="atributeeditor">
                    	<label>Sản phẩm mới: </label><input type="checkbox" name="New" id="New" value=""/>
                        <label>Sản phẩm Hot: </label><input type="checkbox" name="Hot" id="Hot" value=""/>
                  	</div>
                    <div class="clear">&nbsp;</div>
                    
                    <div class="atributelabel">Hình ảnh: <span style="color:Red;">(*)</span>:</div>
                    <div class="atributeeditor"><input type="text" class="input250" name="HinhAnh" id="HinhAnh" value=""/>
                    <input type="button" value="Upload" onclick="MoFormUploadHinh('HinhAnh', 'SanPham')" /></div>
                    <div class="clear">&nbsp;</div>
                    
                    
                    <div class="atributelabel">Mô tả chi tiết: <span style="color:Red;">(*)</span>:</div>
                    <div class="atributeeditor">
                   	  <textarea id="MoTa" name="MoTa" ></textarea>
                        <div style="margin-top:10px"><b>Upload hình ảnh: </b><input type="button" value="Upload" onclick="MoFormUploadHinh('HinhSeChenVaoNoiDung', 'SanPham')" /></div>
    					<img src="" id="HinhSeChenVaoNoiDung" align="left" width="150px"/>
                    </div>
                    <div class="clear">&nbsp;</div>
                    
                    <div class="atributelabel">&nbsp;</div>
                    <div class="atributeeditor">
                        <input type="submit" value="Lưu lại"/>
                    </div>
                    <div class="clear">&nbsp;</div>
                    <input type="hidden" name="MM_insert" value="form">
          		</form>
            </div>

        </div>      
    </div>  
</body>
</html>
<?php
mysql_free_result($DanhMuc);
?>
